Question 1

You are designing an application architecture where an Azure App Service web app needs to securely access an Azure SQL Database and an Azure Storage Account.

Security policies require that no credentials, connection strings, or secrets be stored in the application code or configuration files. The identity used for access must be automatically managed by Azure and tied to the lifecycle of the App Service.

Which identity solution should you recommend?

Accepted Answer

Match 'tied to the lifecycle of the App Service' with System-assigned. User-assigned has an independent lifecycle.

Question 2

What mistakes do candidates make on this AZ-305 question?

Accepted Answer

Choosing User-assigned Managed Identity. User-assigned is better when multiple resources need to share the same identity, but it violates the 'tied to the lifecycle' constraint.

How to approach this question

Full Answer

Common mistakes

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 4

More questions from this exam